AuthenticationSuccessHandler not getting called
I'm just getting my feet wet with Spring and Spring Security, and I feel I must be missing something fundamental to the authentication configuration/process. After successful authentication, I need to redirect to one of several pages (sub-applications), depending upon how the user authenticated and their roles.
It was my understanding that I would have to write a custom AuthenticationSuccessHandler and override onAuthenticationSuccess(). I did that, but that class isn't getting called, so Spring Security just redirects to "/" by default I guess (where I get a 404). If I manually navigate to the proper page after authentication, it loads fine. Am I misconfigured?
Code:<beans:bean id="myCustomAuthenticationProvider" class="com.company.MyAuthenticationProvider" > <!-- this works fine --> </beans:bean> <beans:bean id="myAuthenticationSuccessHandler" class="com.company.MyAuthenticationSuccessHandler"> <!-- This never gets called --> </beans:bean> <beans:bean id="myAuthenticationEntryPoint" class="com.company.MyAuthenticationProcessingFilterEntryPoint"> <!-- This just appends to the querystring --> <beans:property name="loginFormUrl" value="/login.html"/> <beans:property name="forceHttps" value="true"/> </beans:bean> <beans:bean id="customAuthenticationProcessingFilter" class="com.company.MyAuthenticationProcessingFilter"> <!-- this invalidates existing session before calling super.attemptAuthentication(...) --> <beans:property name="authenticationManager" ref="authenticationManager" /> <!-- Is this line configured wrong??? --> <beans:property name="authenticationSuccessHandler" ref="myAuthenticationSuccessHandler" /> <beans:property name="allowSessionCreation" value="true" /> </beans:bean> <authentication-manager alias='authenticationManager' > <authentication-provider ref="myCustomAuthenticationProvider" /> </authentication-manager> ... <http auto-config="false" entry-point-ref="myAuthenticationEntryPoint" authentication-manager-ref="authenticationManager"> <custom-filter ref="customAuthenticationProcessingFilter" position="FORM_LOGIN_FILTER" /> ...
Reply With Quote
